Remarks 

I. Summary of Office Action

Claims 1-4 and 8-10 were pending in the application. 

The drawings were objected to for failing to include a legend
such as --Prior Art-- in FIGS. 1 and 2.

The Abstract was objected to for failing to commence on a 
separate sheet. 

Claims 1, 4, and 10 were rejected under 35 U.S.C. § 102(e) as
being anticipated by Taylor et al. U.S. Patent No. 6,278,885
(hereinafter "Taylor").

Claims 2-3 and 8-9 were rejected under 35 U.S.C. § 103(a) as 
being obvious from Taylor in view of Yadav U.S. Patent 
Publication No. 2003/0149887 (hereinafter "Yadav"). 

The Examiner's objections to the drawings and abstract and 
rejections of the claims are hereby addressed. 

II. Summary of Applicants' Reply

Applicants submit herewith amendments to the drawings and 
abstract in order to address the objections brought forth in the 
Office Action. No new matter has been added and the amendments 
are fully supported by the originally filed specification. 

Applicants hereby amend claims 1-4 and 8-10 to more 
particularly and clearly define applicants' claimed invention. 
Applicants submit new claims 11 and 12 for examination on the 
merits. No new matter has been added and the amendments and new 
claims are fully supported by the specification. Support for 
the amendments and new claims can be found, for example, in the 
originally filed claims; and on pages 8-9, paragraphs 71-75, of 
the originally filed specification. 

The Examiner's objections to the drawings and abstract and
rejections of the claims are hereby addressed.

III. The Objection to the Drawings

Two corrected drawing sheets showing amended FIGS. 1 and 2 are 
submitted herewith in order to address the Examiner's objection 
to the drawings. These sheets shall replace the previously-provided
sheets including FIGS. 1 and 2 filed with the original
application. 

The Office Action objected to FIGS. 1 and 2 for failing to 
include a legend. Applicants have amended FIGS. 1 and 2 to 
include a legend reading --Prior Art-- in order to address the 
Examiner's objection to the drawings. 

Applicants submit that no new matter has been added as a 
result of these amendments. In view of the foregoing, 
applicants respectfully submit that the objections to the 
drawings brought forth in the Office Action have been properly 
addressed and respectfully request that the objections to the 
drawings be withdrawn. 

IV. The Objection to the Specification 

The Abstract was objected to for failing to commence on a 
separate sheet. 

Applicants submit herewith a revised abstract which commences 
on a separate sheet. A marked-up copy of the abstract showing 
amendments to the abstract is also included. Applicants have 
amended the abstract to bring the abstract within the range of 
50 to 150 words. No new matter has been added, and the 
amendments are fully supported by the originally filed
application.

In view of the foregoing, applicants respectfully request that 
the objection to the specification be withdrawn. 

V. The Prior-Art Rejections of the Claims 

Claims 1, 4, and 10 were rejected under 35 U.S.C. § 102(e) as 
being anticipated by Taylor. Claims 2-3 and 8-9 were rejected 
under 35 U.S.C. § 103(a) as being obvious from Taylor in view of 
Yadav.

Independent claims 1, 4, and 10 are generally directed towards 
network security systems and methods for permitting trusted 
network communication programs to register server ports in a 
firewall. The system stores a list of trusted programs (i.e.,
"permitted" programs registered in an "internal permitted
program storage"), and only allows "permitted" programs to
register server ports in an internal permitted port storage. 
Once a port is registered, inbound packet traffic is allowed to 
bypass the firewall only if the destination ports of packets are 
registered ports. 

More specifically, an internal permitted program storage 
registers programs which are permitted communication by the 
firewall. A port monitoring unit extracts information about a 
server port being used through a network communication program, 
and if the network communication program is registered in the 
permitted program storage, an internal permitted port storage 
registers the server port. A firewall flexible device 
determines whether a destination port of a packet of inbound 
traffic is registered in the internal permitted port storage,
and blocks the packet if the destination port is not registered. 
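
The following added example, which is not part of the filing or of either cited reference, models the three components just described and sets them beside a static, administrator-maintained port list of the kind the reply goes on to attribute to Taylor. Class names, program paths, port numbers, and the use of an executable path as the program identity are assumptions made for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class ProgramAwareFirewall:
    """Model of the described scheme: ports are registered by permitted programs."""
    permitted_programs: set = field(default_factory=set)  # internal permitted program storage
    permitted_ports: dict = field(default_factory=dict)   # internal permitted port storage

    def on_server_port_opened(self, program: str, proto: str, port: int) -> bool:
        """Port monitoring unit: register the port only for a permitted program."""
        if program not in self.permitted_programs:
            return False
        self.permitted_ports[(proto, port)] = program
        return True

    def inbound(self, proto: str, dst_port: int) -> str:
        """Firewall flexible device: pass only packets bound for registered ports."""
        return "pass" if (proto, dst_port) in self.permitted_ports else "block"

@dataclass
class StaticPortFirewall:
    """Model of a port list that only an administrator edits."""
    registered_ports: set = field(default_factory=set)

    def inbound(self, proto: str, dst_port: int) -> str:
        return "pass" if (proto, dst_port) in self.registered_ports else "block"

def run_scenario() -> dict:
    # Constructed events: (program, protocol, port) for each server port opened.
    events = [
        ("/opt/chat/chatd", "tcp", 5222),        # permitted program, original port
        ("/tmp/unknown_listener", "tcp", 4444),  # program absent from permitted storage
        ("/opt/chat/chatd", "tcp", 5223),        # same program after an update, new port
    ]
    dynamic = ProgramAwareFirewall(permitted_programs={"/opt/chat/chatd"})
    static = StaticPortFirewall(registered_ports={("tcp", 5222)})
    registered = [dynamic.on_server_port_opened(*e) for e in events]
    # Constructed inbound packets: (protocol, destination port).
    probes = [("tcp", 5222), ("tcp", 4444), ("tcp", 5223), ("udp", 5222)]
    return {
        "registered": registered,
        "dynamic": [dynamic.inbound(*p) for p in probes],
        "static": [static.inbound(*p) for p in probes],
    }

if __name__ == "__main__":
    print(run_scenario())
```

The port opened by the unlisted program is never registered, so inbound traffic to it is blocked in both models; the permitted program's new port passes only in the program-aware model, since the static list still holds the old entry alone.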

Taylor describes a system and method for network access
control using adaptive proxies. A configuration file prepared
by a system administrator specifies a list of registered ports
(col. 6, lines 4-12). When a connection control packet is
received, a dynamic packet filter module (DPF) determines
whether the port on which the packet was received is a
registered port, and transfers information about the packet to a
proxy only if the port is a registered port (col. 5, line 39,
through col. 6, line 25). When a data packet is received, the
packet is either sent to its destination if the packet belongs
to an existing connection, or is processed through a
transparency filter if the packet belongs to a new connection
(col. 12, lines 20-39).

The Office Action alleges that Taylor fully anticipates 
applicants' claimed invention. In particular, the Office Action 
contends that Taylor teaches applicants' claimed "internal 
permitted program storage" used "for extracting [and 
registering] information about a program for which communication 
is permitted by the firewall", and further used for determining 
whether or not "information about [a] server port [should be 
registered] if [...] the network communication program extracted 
from the information [is] registered in the internal permitted 
program storage" (Office Action, page 3).

Applicants submit that Taylor in no way shows or suggests an 
internal permitted program storage for registering information 
about a permitted program, much less an internal permitted
program storage used to determine whether to register a server
port for communication. Not only does Taylor fail to teach
storing a list of "permitted programs", Taylor makes no mention
of registering/blocking server ports based on the identity of 
network communication programs. 

At best, Taylor teaches a "configuration information file"
used to store "information on which ports are registered [and]
various filter rules to be applied for specific connections"
(col. 6, lines 44-46). The configuration information file of
Taylor, however, neither stores information about permitted 
programs, nor is used for determining whether or not a server 
port should be registered in an internal permitted port storage. 

If anything, applicants submit that Taylor teaches that the
determination of whether or not a server port should be
registered in an internal permitted port storage should be done
by a system administrator. Indeed, Taylor teaches that a system
administrator must manually register a port each time a network
communication program requires a new or different server port
for communication (col. 6, lines 4-5 and 53-55). In contrast,
applicants' invention enables server ports to automatically be
registered in an internal permitted port storage based on the
identity of a network communication program using the port. For
example, a program registered in applicants' internal permitted
program storage and requiring a new server port for operation
(e.g., after the program undergoes a software update) can
automatically register the port without the intervention of a
system administrator. At least because Taylor teaches
registering ports for a firewall manually, applicants submit
that Taylor teaches away from the claimed system and method for
registering permitted programs in an internal permitted program
storage and automatically registering ports based on the
identity of 'trusted' network communication programs.

For at least the reason that Taylor fails to teach or suggest 
an internal permitted program storage, and further because 
Taylor teaches away from applicants' method for automatically 
registering server ports based on the identity of a 
communication program, applicants submit that applicants' 
claims 1, 4, and 10 are novel and non-obvious. Claims 2-3, 8, 
and 9, which each depend from one of claims 1 and 4, are 
allowable at least because they depend from allowable claims. 
In view of the foregoing, applicants respectfully request that 
the rejection of claims 1-4 and 8-10 be withdrawn. 

VI. Conclusion

The foregoing brings the drawings and specification in 
accordance with statutory requirements and demonstrates that 
claims 1-4 and 8-12 are allowable. This application is 
therefore in condition for allowance. Reconsideration and 
allowance are accordingly respectfully requested. 

Respectfully submitted,

Date: March 10, 2010 By: /Jae Y. Park/

JAE Y. PARK

Reg. No.: 62,629

Attorney for applicants 

Kile, Goekjian, Reed & McManus, PLLC 

1200 New Hampshire Avenue NW, Suite 570 

Washington, DC 20036 

Tel. No.: 202-263-0809 